Out-of-Band Authentication

Why Trust Techopedia

What Does Out-of-Band Authentication Mean?

Out of band authentication (OOBA) is a term for a process where authentication requires two different signals from two different networks or channels. These kinds of more sophisticated authentication prevent many kinds of fraud and hacking. Out-of-band authentication will effectively block many of the most common kinds of hacking and identity theft in online banking.

Advertisements

Techopedia Explains Out-of-Band Authentication

The essential idea behind out-of-band authentication is that by using two different channels, authentication systems can guard against fraudulent users that may only have access to one of these channels.

One of the most common examples of out-of-band authentication is in banking transactions. Typically, a customer wishing to do an online bank transaction will be sent an SMS message by cell phone with a password. This way, any hackers or identity thieves that have access through key loggers or other equipment will not be able to access that particular password, because it is sent over a 3G or 4G wireless network instead of being sent over the Internet. This type of authentication can be extremely effective as long as fraudulent operators haven’t somehow gained access to the user’s cell phone system as well. Sophisticated hacking that is able to access the SMS message and password is often called a man-in-the-middle attack. In general, a man-in-the-middle attack involves creating a dummy network that will trick the victim into thinking that it is a legitimate network. If the actor can intercept the user’s cell phone communications, it may be possible to overcome out-of-band authentication security protocols.

Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.